One of the most common myths about the emerging TDoS (Telephony Denial of Service) market segment portrays an RBN (Russian Business Network) type of bulletproof infrastructure as the platform used to launch these attacks. The infrastructure’s speculated resilience is supposed to act as a foundation for the increase in TDoS services and products. Fact or fiction? Keep reading.

In this post, we’ll profile a SIP-based DIY service that supports fake caller ID and SMS numbers and offers an API, and discuss its relevance to the overall increase in TDoS underground market propositions.

More details:

Sample screenshots of the service in action:

The featured screenshots are offered by the cybercriminals operating the service, advertised publicly since 2011, as verification that its fake caller ID feature works. That’s just the tip of the iceberg: because SIP is standardized and the service offers an API, virtually anyone can build custom TDoS (Telephony Denial of Service) attack tools while using the operators’ infrastructure.

Not surprisingly, based on our research, it’s currently a combination of both: the abuse of legitimate services offered by SIP providers and mobile carriers, and the systematic introduction of bulletproof SIP infrastructure. We believe that due to the industry’s current ‘catch up mode’ in regard to this emerging DoS (Denial of Service) vector, cybercriminals will continue successfully launching these attacks, utilizing both legitimate and purely malicious infrastructure, to achieve their objectives.